firewall failover

Unanswered Question
Apr 29th, 2009

2 ASA boxes in failover mode.Say, if we have to physically remove one box from the pair, can we just remove it physically without any outage?

Or is that services may be affected, as most of the devices off this firewall would be pointed to the vip ip of this

pair.

Is this a problem or is it like the sessions would break off?

Thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
srue Thu, 04/30/2009 - 04:53

you can remove one without any problems. read the failover notes for whatever version OS you are running to see exactly what is 'failover proof'. eg, i know the routing tables are NOT failover proof (unless you use static routes only).

when i managed all my PIXes/ASA's, i would rearrange them in the racks and unplug one without any problems.

Actions

This Discussion